/*
 * mac80211 TDLS handling code
 *
 * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net>
 * Copyright 2014, Intel Corporation
 * Copyright 2014 Intel Mobile Communications GmbH
 * Copyright 2015 Intel Deutschland GmbH
 *
 * This file is GPLv2 as found in COPYING.
 */
12 #include <linux/ieee80211.h>
13 #include <linux/log2.h>
14 #include <net/cfg80211.h>
15 #include <linux/rtnetlink.h>
16 #include "ieee80211_i.h"
17 #include "driver-ops.h"
/*
 * give usermode some time for retries in setting up the TDLS session
 *
 * Used as the delay when ieee80211_tdls_mgmt_setup() queues
 * tdls_peer_del_work after a setup frame was handed to the TX path.
 */
#define TDLS_PEER_SETUP_TIMEOUT	(15 * HZ)
/*
 * Delayed-work handler that drops a TDLS peer whose setup is still pending.
 *
 * @wk is the work item embedded in sdata->u.mgd.tdls_peer_del_work. If a
 * peer address is still recorded in sdata->u.mgd.tdls_peer, the matching
 * station entry is destroyed and the recorded address is zeroed. The check
 * and the removal both happen under local->mtx.
 */
void ieee80211_tdls_peer_del_work(struct work_struct *wk)
{
	struct ieee80211_sub_if_data *sdata =
		container_of(wk, struct ieee80211_sub_if_data,
			     u.mgd.tdls_peer_del_work.work);
	struct ieee80211_local *local = sdata->local;
	u8 *pending = sdata->u.mgd.tdls_peer;

	mutex_lock(&local->mtx);

	/* nothing recorded: there is no setup in flight to clean up */
	if (is_zero_ether_addr(pending))
		goto unlock;

	tdls_dbg(sdata, "TDLS del peer %pM\n", pending);
	sta_info_destroy_addr(sdata, pending);
	eth_zero_addr(pending);

unlock:
	mutex_unlock(&local->mtx);
}
/*
 * Append a 10-byte Extended Capabilities element to @skb.
 *
 * Only three capability octets can be non-zero: TDLS channel switching
 * (when the wiphy advertises NL80211_FEATURE_TDLS_CHANNEL_SWITCH), TDLS
 * support itself (always set), and TDLS wider bandwidth (when the hardware
 * has TDLS_WIDER_BW and the current band supports VHT).
 */
static void ieee80211_tdls_add_ext_capab(struct ieee80211_sub_if_data *sdata,
					 struct sk_buff *skb)
{
	struct ieee80211_local *local = sdata->local;
	struct wiphy *wiphy = local->hw.wiphy;
	struct ieee80211_supported_band *sband =
		wiphy->bands[ieee80211_get_sdata_band(sdata)];
	bool chan_switch = wiphy->features &
			   NL80211_FEATURE_TDLS_CHANNEL_SWITCH;
	bool wider_band = ieee80211_hw_check(&local->hw, TDLS_WIDER_BW);
	/* the band entry is treated as possibly absent, hence the NULL test */
	bool vht = sband && sband->vht_cap.vht_supported;
	const u8 ie[] = {
		WLAN_EID_EXT_CAPABILITY,
		8,	/* len */
		0x0,
		0x0,
		0x0,
		chan_switch ? WLAN_EXT_CAPA4_TDLS_CHAN_SWITCH : 0,
		WLAN_EXT_CAPA5_TDLS_ENABLED,
		0,
		0,
		(vht && wider_band) ? WLAN_EXT_CAPA8_TDLS_WIDE_BW_ENABLED : 0,
	};

	/* element id + length + 8 capability octets */
	memcpy(skb_put(skb, sizeof(ie)), ie, sizeof(ie));
}
/* Append one (first channel number, number of channels) pair to @skb. */
static void ieee80211_tdls_put_subband(struct sk_buff *skb, int first_freq,
				       u8 nchan)
{
	u8 *tuple = skb_put(skb, 2);

	tuple[0] = ieee80211_frequency_to_channel(first_freq);
	tuple[1] = nchan;
}

/*
 * Walk the frequencies @start..@end (inclusive) in steps of @spacing and
 * append one sub-band tuple to @skb for every run of consecutive
 * frequencies that map to a channel on which
 * cfg80211_reg_can_beacon_relax() allows a 20 MHz no-HT chandef.
 *
 * Returns the number of tuples written; each tuple takes 2 bytes of skb
 * tailroom.
 */
static u8
ieee80211_tdls_add_subband(struct ieee80211_sub_if_data *sdata,
			   struct sk_buff *skb, u16 start, u16 end,
			   u16 spacing)
{
	struct wiphy *wiphy = sdata->local->hw.wiphy;
	struct cfg80211_chan_def chandef;
	struct ieee80211_channel *ch;
	u8 n_subbands = 0, run_len = 0;
	int freq, run_start;

	for (freq = start; freq <= end; freq += spacing) {
		/* a new run begins at the first frequency after a gap */
		if (run_len == 0)
			run_start = freq;

		ch = ieee80211_get_channel(wiphy, freq);
		if (ch) {
			/* we will be active on the channel */
			cfg80211_chandef_create(&chandef, ch,
						NL80211_CHAN_NO_HT);
			if (cfg80211_reg_can_beacon_relax(wiphy, &chandef,
							  sdata->wdev.iftype)) {
				/* extend the run and look at the next one */
				run_len++;
				continue;
			}
		}

		/* unusable frequency: close the run that preceded it, if any */
		if (run_len) {
			ieee80211_tdls_put_subband(skb, run_start, run_len);
			n_subbands++;
			run_len = 0;
		}
	}

	/* the range ended while a run was still open - add it here */
	if (run_len) {
		ieee80211_tdls_put_subband(skb, run_start, run_len);
		n_subbands++;
	}

	return n_subbands;
}
/*
 * Append a Supported Channels element to @skb, listing the channels that
 * are allowed to be active for TDLS.
 *
 * The two header bytes are reserved first; the length byte is filled in
 * once the number of sub-band tuples is known (2 bytes per tuple).
 *
 * NOTE(review): the element size depends on how many sub-bands are found
 * at run time, while ieee80211_tdls_build_mgmt_packet_data() budgets a
 * fixed 50 bytes for it - confirm the worst case fits the allocation.
 */
static void
ieee80211_tdls_add_supp_channels(struct ieee80211_sub_if_data *sdata,
				 struct sk_buff *skb)
{
	u8 *hdr = skb_put(skb, 2);
	u8 n_subbands = 0;

	hdr[0] = WLAN_EID_SUPPORTED_CHANNELS;

	/*
	 * 5GHz and 2GHz channels numbers can overlap. Ignore this for now, as
	 * this doesn't happen in real world scenarios.
	 */

	/* 2GHz, with 5MHz spacing */
	n_subbands += ieee80211_tdls_add_subband(sdata, skb, 2412, 2472, 5);

	/*
	 * 5GHz, with 20MHz spacing
	 * NOTE(review): a 20 MHz grid anchored at 5000 only visits
	 * frequencies ending in 00/20/40/60/80, so a channel centred on
	 * e.g. 5745 MHz is never probed - confirm this is intended.
	 */
	n_subbands += ieee80211_tdls_add_subband(sdata, skb, 5000, 5825, 20);

	/* length */
	hdr[1] = 2 * n_subbands;
}
/*
 * Append a Supported Regulatory Classes element to @skb, derived from the
 * BSS chandef. Nothing is written when the chandef cannot be mapped to an
 * operating class.
 */
static void ieee80211_tdls_add_oper_classes(struct ieee80211_sub_if_data *sdata,
					    struct sk_buff *skb)
{
	u8 op_class;
	u8 *ie;

	if (!ieee80211_chandef_to_operating_class(&sdata->vif.bss_conf.chandef,
						  &op_class))
		return;

	ie = skb_put(skb, 4);
	ie[0] = WLAN_EID_SUPPORTED_REGULATORY_CLASSES;
	ie[1] = 2; /* len */
	ie[2] = op_class;
	ie[3] = op_class; /* give current operating class as alternate too */
}
/*
 * Append a 3-byte 20/40 BSS Coexistence element to @skb whose single
 * payload byte is WLAN_BSS_COEX_INFORMATION_REQUEST.
 */
static void ieee80211_tdls_add_bss_coex_ie(struct sk_buff *skb)
{
	u8 *ie = (void *)skb_put(skb, 3);

	ie[0] = WLAN_EID_BSS_COEX_2040;
	ie[1] = 1; /* len */
	ie[2] = WLAN_BSS_COEX_INFORMATION_REQUEST;
}
/*
 * Return the capability field to place in a TDLS frame.
 *
 * The capability is 0 when a failure code is being sent. Otherwise short
 * slot time and short preamble are reported on the 2 GHz band, and 0 on
 * any other band.
 */
static u16 ieee80211_get_tdls_sta_capab(struct ieee80211_sub_if_data *sdata,
					u16 status_code)
{
	u16 capab = 0;

	/* the band is only looked up for a success status */
	if (status_code == 0 &&
	    ieee80211_get_sdata_band(sdata) == IEEE80211_BAND_2GHZ)
		capab = WLAN_CAPABILITY_SHORT_SLOT_TIME |
			WLAN_CAPABILITY_SHORT_PREAMBLE;

	return capab;
}
/*
 * Append a TDLS Link Identifier element to @skb.
 *
 * The element carries the BSSID of the current association plus the
 * initiator and responder addresses. @initiator says whether this
 * interface (sdata->vif.addr) or @peer takes the initiator slot.
 */
static void ieee80211_tdls_add_link_ie(struct ieee80211_sub_if_data *sdata,
				       struct sk_buff *skb, const u8 *peer,
				       bool initiator)
{
	const u8 *self = sdata->vif.addr;
	const u8 *init_addr = initiator ? self : peer;
	const u8 *rsp_addr = initiator ? peer : self;
	struct ieee80211_tdls_lnkie *lnkid;

	lnkid = (void *)skb_put(skb, sizeof(*lnkid));

	lnkid->ie_type = WLAN_EID_LINK_ID;
	/* the length excludes the two-byte element header */
	lnkid->ie_len = sizeof(*lnkid) - 2;

	memcpy(lnkid->bssid, sdata->u.mgd.bssid, ETH_ALEN);
	memcpy(lnkid->init_sta, init_addr, ETH_ALEN);
	memcpy(lnkid->resp_sta, rsp_addr, ETH_ALEN);
}
/*
 * Append a 4-byte AID element to @skb carrying sdata->u.mgd.aid as a
 * little-endian 16-bit value.
 */
static void
ieee80211_tdls_add_aid(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb)
{
	u8 *ie = (void *)skb_put(skb, 4);

	ie[0] = WLAN_EID_AID;
	ie[1] = 2; /* len */
	put_unaligned_le16(sdata->u.mgd.aid, &ie[2]);
}
/*
 * translate numbering in the WMM parameter IE to the mac80211 notation
 *
 * WMM indices 0..3 map to BE, BK, VI and VO respectively. Any other value
 * triggers WARN_ON_ONCE() and is treated as best effort.
 */
static enum ieee80211_ac_numbers ieee80211_ac_from_wmm(int ac)
{
	static const enum ieee80211_ac_numbers wmm_to_ac[] = {
		IEEE80211_AC_BE,
		IEEE80211_AC_BK,
		IEEE80211_AC_VI,
		IEEE80211_AC_VO,
	};

	if (ac < 0 || ac > 3) {
		WARN_ON_ONCE(1);
		return IEEE80211_AC_BE;
	}

	return wmm_to_ac[ac];
}
/*
 * Pack the ACI/AIFSN byte of a WMM AC parameter record: AIFSN in bits 0-3,
 * the ACM flag in bit 4 and the ACI in bits 5-6. Bits of @aifsn and @aci
 * outside their fields are masked off.
 */
static u8 ieee80211_wmm_aci_aifsn(int aifsn, bool acm, int aci)
{
	return (aifsn & 0x0f) | (acm ? 0x10 : 0) | ((aci << 5) & 0x60);
}
/*
 * Pack the ECWmin/ECWmax byte of a WMM AC parameter record: ilog2 of
 * (@cw_min + 1) in the low nibble and ilog2 of (@cw_max + 1) in the high
 * nibble, each truncated to four bits.
 */
static u8 ieee80211_wmm_ecw(u16 cw_min, u16 cw_max)
{
	int ecw_min = ilog2(cw_min + 1);
	int ecw_max = ilog2(cw_max + 1);

	return (ecw_min & 0x0f) | ((ecw_max << 0x4) & 0xf0);
}
/*
 * Append a WMM parameter element to @skb.
 *
 * The element is zeroed, given the vendor-specific header for WME
 * parameters, and then filled with one record per access category taken
 * from sdata->tx_conf.
 */
static void ieee80211_tdls_add_wmm_param_ie(struct ieee80211_sub_if_data *sdata,
					    struct sk_buff *skb)
{
	struct ieee80211_wmm_param_ie *ie = (void *)skb_put(skb, sizeof(*ie));
	int aci;

	/* clears every field that is not set explicitly below */
	memset(ie, 0, sizeof(*ie));

	ie->element_id = WLAN_EID_VENDOR_SPECIFIC;
	ie->len = sizeof(*ie) - 2;

	ie->oui[0] = 0x00; /* Microsoft OUI 00:50:F2 */
	ie->oui[1] = 0x50;
	ie->oui[2] = 0xf2;
	ie->oui_type = 2; /* WME */
	ie->oui_subtype = 1; /* WME param */
	ie->version = 1; /* WME ver */
	ie->qos_info = 0; /* U-APSD not in use */

	/*
	 * Use the EDCA parameters defined for the BSS, or default if the AP
	 * doesn't support it, as mandated by 802.11-2012 section 10.22.4
	 */
	for (aci = 0; aci < IEEE80211_NUM_ACS; aci++) {
		/* tx_conf is indexed in mac80211 order, the element in WMM order */
		struct ieee80211_tx_queue_params *txq =
			&sdata->tx_conf[ieee80211_ac_from_wmm(aci)];

		ie->ac[aci].aci_aifsn = ieee80211_wmm_aci_aifsn(txq->aifs,
								txq->acm, aci);
		ie->ac[aci].cw = ieee80211_wmm_ecw(txq->cw_min, txq->cw_max);
		ie->ac[aci].txop_limit = cpu_to_le16(txq->txop);
	}
}
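/*
 * Try to widen @sta->tdls_chandef, up to 80 MHz.
 *
 * The candidate starts as a copy of the station's current TDLS chandef.
 * If the channel lies within 30 MHz of one of the 80 MHz centre
 * frequencies below, the candidate becomes that 80 MHz channel. It is
 * then narrowed until it is no wider than the peer supports and is either
 * permitted by cfg80211_reg_can_beacon() or no wider than the current
 * chandef. The result replaces sta->tdls_chandef only if it differs.
 *
 * Nothing is changed when the peer's maximum width is 5 or 10 MHz, when
 * the current width already equals the (clamped) maximum, or when the
 * candidate has no centre frequency.
 */
static void
ieee80211_tdls_chandef_vht_upgrade(struct ieee80211_sub_if_data *sdata,
				   struct sta_info *sta)
{
	/* IEEE802.11ac-2013 Table E-4 */
	static const u16 centers_80mhz[] = {
		5210, 5290, 5530, 5610, 5690, 5775
	};
	struct cfg80211_chan_def uc = sta->tdls_chandef;
	enum nl80211_chan_width max_width = ieee80211_get_sta_bw(&sta->sta);
	int i;

	/* only support upgrading non-narrow channels up to 80Mhz */
	if (max_width == NL80211_CHAN_WIDTH_5 ||
	    max_width == NL80211_CHAN_WIDTH_10)
		return;

	if (max_width > NL80211_CHAN_WIDTH_80)
		max_width = NL80211_CHAN_WIDTH_80;

	if (uc.width == max_width)
		return;
	/*
	 * Channel usage constraints in the IEEE802.11ac-2013 specification only
	 * allow expanding a 20MHz channel to 80MHz in a single way. In
	 * addition, there are no 40MHz allowed channels that are not part of
	 * the allowed 80MHz range in the 5GHz spectrum (the relevant one here).
	 */
	for (i = 0; i < ARRAY_SIZE(centers_80mhz); i++)
		if (abs(uc.chan->center_freq - centers_80mhz[i]) <= 30) {
			uc.center_freq1 = centers_80mhz[i];
			uc.width = NL80211_CHAN_WIDTH_80;
			break;
		}

	if (!uc.center_freq1)
		return;

	/*
	 * Proceed to downgrade the chandef until it fits the peer and is
	 * either usable or no wider than the current one.
	 *
	 * The two conditions must be OR-ed. max_width is clamped to 80 MHz
	 * above and the upgrade never goes beyond 80 MHz, so a condition of
	 * the form "too wide AND not allowed" is false right after an
	 * upgrade and the regulatory check would never run. It would also
	 * leave a chandef wider than the peer supports untouched whenever
	 * the regulatory check happens to pass. Stopping at the current
	 * width guarantees termination.
	 */
	while (uc.width > max_width ||
	       (uc.width > sta->tdls_chandef.width &&
		!cfg80211_reg_can_beacon(sdata->local->hw.wiphy,
					 &uc, sdata->wdev.iftype)))
		ieee80211_chandef_downgrade(&uc);

	if (!cfg80211_chandef_identical(&uc, &sta->tdls_chandef)) {
		tdls_dbg(sdata, "TDLS ch width upgraded %d -> %d\n",
			 sta->tdls_chandef.width, uc.width);

		/*
		 * the station is not yet authorized when BW upgrade is done,
		 * locking is not required
		 */
		sta->tdls_chandef = uc;
	}
}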
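/*
 * Append the elements of a TDLS setup request, setup response or
 * discovery response to @skb.
 *
 * Locally generated elements are interleaved with slices of @extra_ies.
 * ieee80211_ie_split() picks the end of each slice from a list of element
 * ids that must come before the next generated element, and each slice is
 * copied into the frame verbatim. The order of the skb_put() calls is the
 * order of the bytes on the air.
 *
 * For a setup response the peer station must already exist; it is looked
 * up under local->sta_mtx and its tdls_chandef is reset to the BSS
 * chandef. For the other action codes @sta stays NULL and is only
 * dereferenced in the branches guarded by WLAN_TDLS_SETUP_RESPONSE.
 *
 * The function returns early, leaving the frame partially built, when the
 * peer station is missing for a setup response or when the current band
 * has no supported-band entry.
 */
static void
ieee80211_tdls_add_setup_start_ies(struct ieee80211_sub_if_data *sdata,
				   struct sk_buff *skb, const u8 *peer,
				   u8 action_code, bool initiator,
				   const u8 *extra_ies, size_t extra_ies_len)
{
	enum ieee80211_band band = ieee80211_get_sdata_band(sdata);
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_supported_band *sband;
	struct ieee80211_sta_ht_cap ht_cap;
	struct ieee80211_sta_vht_cap vht_cap;
	struct sta_info *sta = NULL;
	size_t offset = 0, noffset;
	u8 *pos;

	ieee80211_add_srates_ie(sdata, skb, false, band);
	ieee80211_add_ext_srates_ie(sdata, skb, false, band);
	ieee80211_tdls_add_supp_channels(sdata, skb);

	/* add any custom IEs that go before Extended Capabilities */
	if (extra_ies_len) {
		static const u8 before_ext_cap[] = {
			WLAN_EID_SUPP_RATES,
			WLAN_EID_COUNTRY,
			WLAN_EID_EXT_SUPP_RATES,
			WLAN_EID_SUPPORTED_CHANNELS,
			WLAN_EID_RSN,
		};
		noffset = ieee80211_ie_split(extra_ies, extra_ies_len,
					     before_ext_cap,
					     ARRAY_SIZE(before_ext_cap),
					     offset);
		pos = skb_put(skb, noffset - offset);
		memcpy(pos, extra_ies + offset, noffset - offset);
		offset = noffset;
	}

	ieee80211_tdls_add_ext_capab(sdata, skb);

	/* add the QoS element if we support it */
	if (local->hw.queues >= IEEE80211_NUM_ACS &&
	    action_code != WLAN_PUB_ACTION_TDLS_DISCOVER_RES)
		ieee80211_add_wmm_info_ie(skb_put(skb, 9), 0); /* no U-APSD */

	/* add any custom IEs that go before HT capabilities */
	if (offset < extra_ies_len) {
		static const u8 before_ht_cap[] = {
			WLAN_EID_SUPP_RATES,
			WLAN_EID_COUNTRY,
			WLAN_EID_EXT_SUPP_RATES,
			WLAN_EID_SUPPORTED_CHANNELS,
			WLAN_EID_RSN,
			WLAN_EID_EXT_CAPABILITY,
			WLAN_EID_QOS_CAPA,
			WLAN_EID_FAST_BSS_TRANSITION,
			WLAN_EID_TIMEOUT_INTERVAL,
			WLAN_EID_SUPPORTED_REGULATORY_CLASSES,
		};
		noffset = ieee80211_ie_split(extra_ies, extra_ies_len,
					     before_ht_cap,
					     ARRAY_SIZE(before_ht_cap),
					     offset);
		pos = skb_put(skb, noffset - offset);
		memcpy(pos, extra_ies + offset, noffset - offset);
		offset = noffset;
	}

	mutex_lock(&local->sta_mtx);

	/* we should have the peer STA if we're already responding */
	if (action_code == WLAN_TDLS_SETUP_RESPONSE) {
		sta = sta_info_get(sdata, peer);
		if (WARN_ON_ONCE(!sta)) {
			mutex_unlock(&local->sta_mtx);
			return;
		}

		sta->tdls_chandef = sdata->vif.bss_conf.chandef;
	}

	ieee80211_tdls_add_oper_classes(sdata, skb);

	/*
	 * with TDLS we can switch channels, and HT-caps are not necessarily
	 * the same on all bands. The specification limits the setup to a
	 * single HT-cap, so use the current band for now.
	 */
	sband = local->hw.wiphy->bands[band];
	/*
	 * ieee80211_tdls_add_ext_capab() treats the same bands[] entry as
	 * possibly NULL; refuse to dereference it here as well instead of
	 * copying capabilities from a NULL pointer.
	 */
	if (WARN_ON_ONCE(!sband)) {
		mutex_unlock(&local->sta_mtx);
		return;
	}
	memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap));

	if ((action_code == WLAN_TDLS_SETUP_REQUEST ||
	     action_code == WLAN_PUB_ACTION_TDLS_DISCOVER_RES) &&
	    ht_cap.ht_supported) {
		ieee80211_apply_htcap_overrides(sdata, &ht_cap);

		/* disable SMPS in TDLS initiator */
		ht_cap.cap |= WLAN_HT_CAP_SM_PS_DISABLED
				<< IEEE80211_HT_CAP_SM_PS_SHIFT;

		pos = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2);
		ieee80211_ie_build_ht_cap(pos, &ht_cap, ht_cap.cap);
	} else if (action_code == WLAN_TDLS_SETUP_RESPONSE &&
		   ht_cap.ht_supported && sta->sta.ht_cap.ht_supported) {
		/* the peer caps are already intersected with our own */
		memcpy(&ht_cap, &sta->sta.ht_cap, sizeof(ht_cap));

		pos = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2);
		ieee80211_ie_build_ht_cap(pos, &ht_cap, ht_cap.cap);
	}

	if (ht_cap.ht_supported &&
	    (ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40))
		ieee80211_tdls_add_bss_coex_ie(skb);

	ieee80211_tdls_add_link_ie(sdata, skb, peer, initiator);

	/* add any custom IEs that go before VHT capabilities */
	if (offset < extra_ies_len) {
		static const u8 before_vht_cap[] = {
			WLAN_EID_SUPP_RATES,
			WLAN_EID_COUNTRY,
			WLAN_EID_EXT_SUPP_RATES,
			WLAN_EID_SUPPORTED_CHANNELS,
			WLAN_EID_RSN,
			WLAN_EID_EXT_CAPABILITY,
			WLAN_EID_QOS_CAPA,
			WLAN_EID_FAST_BSS_TRANSITION,
			WLAN_EID_TIMEOUT_INTERVAL,
			WLAN_EID_SUPPORTED_REGULATORY_CLASSES,
			WLAN_EID_MULTI_BAND,
		};
		noffset = ieee80211_ie_split(extra_ies, extra_ies_len,
					     before_vht_cap,
					     ARRAY_SIZE(before_vht_cap),
					     offset);
		pos = skb_put(skb, noffset - offset);
		memcpy(pos, extra_ies + offset, noffset - offset);
		offset = noffset;
	}

	/* build the VHT-cap similarly to the HT-cap */
	memcpy(&vht_cap, &sband->vht_cap, sizeof(vht_cap));
	if ((action_code == WLAN_TDLS_SETUP_REQUEST ||
	     action_code == WLAN_PUB_ACTION_TDLS_DISCOVER_RES) &&
	    vht_cap.vht_supported) {
		ieee80211_apply_vhtcap_overrides(sdata, &vht_cap);

		/* the AID is present only when VHT is implemented */
		if (action_code == WLAN_TDLS_SETUP_REQUEST)
			ieee80211_tdls_add_aid(sdata, skb);

		pos = skb_put(skb, sizeof(struct ieee80211_vht_cap) + 2);
		ieee80211_ie_build_vht_cap(pos, &vht_cap, vht_cap.cap);
	} else if (action_code == WLAN_TDLS_SETUP_RESPONSE &&
		   vht_cap.vht_supported && sta->sta.vht_cap.vht_supported) {
		/* the peer caps are already intersected with our own */
		memcpy(&vht_cap, &sta->sta.vht_cap, sizeof(vht_cap));

		/* the AID is present only when VHT is implemented */
		ieee80211_tdls_add_aid(sdata, skb);

		pos = skb_put(skb, sizeof(struct ieee80211_vht_cap) + 2);
		ieee80211_ie_build_vht_cap(pos, &vht_cap, vht_cap.cap);

		/*
		 * if both peers support WIDER_BW, we can expand the chandef to
		 * a wider compatible one, up to 80MHz
		 */
		if (test_sta_flag(sta, WLAN_STA_TDLS_WIDER_BW))
			ieee80211_tdls_chandef_vht_upgrade(sdata, sta);
	}

	mutex_unlock(&local->sta_mtx);

	/* add any remaining IEs */
	if (extra_ies_len) {
		noffset = extra_ies_len;
		pos = skb_put(skb, noffset - offset);
		memcpy(pos, extra_ies + offset, noffset - offset);
	}

}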
/*
 * Append the elements of a TDLS setup confirm frame to @skb.
 *
 * Both the peer station and the AP station (looked up by ifmgd->bssid)
 * must exist; otherwise the function warns once and returns without
 * adding anything. The peer's tdls_chandef is reset to the BSS chandef
 * before any element is built. Station state is read and written under
 * local->sta_mtx.
 *
 * Slices of @extra_ies, delimited by ieee80211_ie_split(), are copied
 * verbatim between the locally generated elements, and whatever is left
 * is appended at the end.
 */
static void
ieee80211_tdls_add_setup_cfm_ies(struct ieee80211_sub_if_data *sdata,
				 struct sk_buff *skb, const u8 *peer,
				 bool initiator, const u8 *extra_ies,
				 size_t extra_ies_len)
{
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	size_t offset = 0, noffset;
	struct sta_info *sta, *ap_sta;
	enum ieee80211_band band = ieee80211_get_sdata_band(sdata);
	u8 *pos;

	mutex_lock(&local->sta_mtx);

	sta = sta_info_get(sdata, peer);
	ap_sta = sta_info_get(sdata, ifmgd->bssid);
	if (WARN_ON_ONCE(!sta || !ap_sta)) {
		mutex_unlock(&local->sta_mtx);
		return;
	}

	sta->tdls_chandef = sdata->vif.bss_conf.chandef;

	/* add any custom IEs that go before the QoS IE */
	if (extra_ies_len) {
		static const u8 before_qos[] = {
			WLAN_EID_RSN,
		};
		noffset = ieee80211_ie_split(extra_ies, extra_ies_len,
					     before_qos,
					     ARRAY_SIZE(before_qos),
					     offset);
		pos = skb_put(skb, noffset - offset);
		memcpy(pos, extra_ies + offset, noffset - offset);
		offset = noffset;
	}

	/* add the QoS param IE if both the peer and we support it */
	if (local->hw.queues >= IEEE80211_NUM_ACS && sta->sta.wme)
		ieee80211_tdls_add_wmm_param_ie(sdata, skb);

	/* add any custom IEs that go before HT operation */
	if (offset < extra_ies_len) {
		static const u8 before_ht_op[] = {
			WLAN_EID_RSN,
			WLAN_EID_QOS_CAPA,
			WLAN_EID_FAST_BSS_TRANSITION,
			WLAN_EID_TIMEOUT_INTERVAL,
		};
		noffset = ieee80211_ie_split(extra_ies, extra_ies_len,
					     before_ht_op,
					     ARRAY_SIZE(before_ht_op),
					     offset);
		pos = skb_put(skb, noffset - offset);
		memcpy(pos, extra_ies + offset, noffset - offset);
		offset = noffset;
	}

	/* if HT support is only added in TDLS, we need an HT-operation IE */
	if (!ap_sta->sta.ht_cap.ht_supported && sta->sta.ht_cap.ht_supported) {
		pos = skb_put(skb, 2 + sizeof(struct ieee80211_ht_operation));
		/* send an empty HT operation IE */
		ieee80211_ie_build_ht_oper(pos, &sta->sta.ht_cap,
					   &sdata->vif.bss_conf.chandef, 0);
	}

	ieee80211_tdls_add_link_ie(sdata, skb, peer, initiator);

	/* only include VHT-operation if not on the 2.4GHz band */
	if (band != IEEE80211_BAND_2GHZ && sta->sta.vht_cap.vht_supported) {
		/*
		 * if both peers support WIDER_BW, we can expand the chandef to
		 * a wider compatible one, up to 80MHz
		 */
		if (test_sta_flag(sta, WLAN_STA_TDLS_WIDER_BW))
			ieee80211_tdls_chandef_vht_upgrade(sdata, sta);

		/* built from tdls_chandef, i.e. after a possible upgrade */
		pos = skb_put(skb, 2 + sizeof(struct ieee80211_vht_operation));
		ieee80211_ie_build_vht_oper(pos, &sta->sta.vht_cap,
					    &sta->tdls_chandef);
	}

	mutex_unlock(&local->sta_mtx);

	/* add any remaining IEs */
	if (extra_ies_len) {
		noffset = extra_ies_len;
		pos = skb_put(skb, noffset - offset);
		memcpy(pos, extra_ies + offset, noffset - offset);
	}
}
/*
 * Complete a TDLS channel switch request held in @skb.
 *
 * The target channel and operating class are written into the frame that
 * already sits at skb->data, then the elements follow: the part of
 * @extra_ies that ieee80211_ie_split() places before the link identifier,
 * the link identifier itself, and the rest of @extra_ies. A NULL @chandef
 * triggers a one-time warning and leaves the frame untouched.
 *
 * NOTE(review): skb->data is cast directly to the TDLS frame layout -
 * presumably the frame starts there because the caller filled it with
 * ieee80211_prep_tdls_encap_data(); confirm against the caller.
 */
static void
ieee80211_tdls_add_chan_switch_req_ies(struct ieee80211_sub_if_data *sdata,
				       struct sk_buff *skb, const u8 *peer,
				       bool initiator, const u8 *extra_ies,
				       size_t extra_ies_len, u8 oper_class,
				       struct cfg80211_chan_def *chandef)
{
	struct ieee80211_tdls_data *frame;
	size_t done = 0, split;

	if (WARN_ON_ONCE(!chandef))
		return;

	frame = (void *)skb->data;
	frame->u.chan_switch_req.target_channel =
		ieee80211_frequency_to_channel(chandef->chan->center_freq);
	frame->u.chan_switch_req.oper_class = oper_class;

	if (extra_ies_len) {
		static const u8 before_lnkie[] = {
			WLAN_EID_SECONDARY_CHANNEL_OFFSET,
		};

		split = ieee80211_ie_split(extra_ies, extra_ies_len,
					   before_lnkie,
					   ARRAY_SIZE(before_lnkie),
					   done);
		memcpy(skb_put(skb, split - done), extra_ies + done,
		       split - done);
		done = split;
	}

	ieee80211_tdls_add_link_ie(sdata, skb, peer, initiator);

	/* add any remaining IEs */
	if (done < extra_ies_len)
		memcpy(skb_put(skb, extra_ies_len - done), extra_ies + done,
		       extra_ies_len - done);
}
/*
 * Append the elements of a TDLS channel switch response to @skb: the link
 * identifier when @status_code reports success, followed by @extra_ies
 * copied verbatim when there are any.
 */
static void
ieee80211_tdls_add_chan_switch_resp_ies(struct ieee80211_sub_if_data *sdata,
					struct sk_buff *skb, const u8 *peer,
					u16 status_code, bool initiator,
					const u8 *extra_ies,
					size_t extra_ies_len)
{
	if (!status_code)
		ieee80211_tdls_add_link_ie(sdata, skb, peer, initiator);

	if (!extra_ies_len)
		return;

	memcpy(skb_put(skb, extra_ies_len), extra_ies, extra_ies_len);
}
/*
 * Append the elements that belong to a TDLS frame of type @action_code.
 *
 * Setup request/response, discovery response and setup confirm frames
 * only get elements when @status_code is 0. Teardown and discovery
 * request frames get @extra_ies copied verbatim, plus a link identifier
 * for any teardown or for a successful discovery request. Channel switch
 * frames are delegated to their helpers. Unknown action codes add
 * nothing.
 */
static void ieee80211_tdls_add_ies(struct ieee80211_sub_if_data *sdata,
				   struct sk_buff *skb, const u8 *peer,
				   u8 action_code, u16 status_code,
				   bool initiator, const u8 *extra_ies,
				   size_t extra_ies_len, u8 oper_class,
				   struct cfg80211_chan_def *chandef)
{
	const bool success = status_code == 0;

	switch (action_code) {
	case WLAN_TDLS_SETUP_REQUEST:
	case WLAN_TDLS_SETUP_RESPONSE:
	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
		if (!success)
			break;
		ieee80211_tdls_add_setup_start_ies(sdata, skb, peer,
						   action_code,
						   initiator,
						   extra_ies,
						   extra_ies_len);
		break;
	case WLAN_TDLS_SETUP_CONFIRM:
		if (!success)
			break;
		ieee80211_tdls_add_setup_cfm_ies(sdata, skb, peer,
						 initiator, extra_ies,
						 extra_ies_len);
		break;
	case WLAN_TDLS_TEARDOWN:
	case WLAN_TDLS_DISCOVERY_REQUEST:
		if (extra_ies_len)
			memcpy(skb_put(skb, extra_ies_len), extra_ies,
			       extra_ies_len);
		/* a teardown carries the link identifier whatever the status */
		if (success || action_code == WLAN_TDLS_TEARDOWN)
			ieee80211_tdls_add_link_ie(sdata, skb, peer, initiator);
		break;
	case WLAN_TDLS_CHANNEL_SWITCH_REQUEST:
		ieee80211_tdls_add_chan_switch_req_ies(sdata, skb, peer,
						       initiator, extra_ies,
						       extra_ies_len,
						       oper_class, chandef);
		break;
	case WLAN_TDLS_CHANNEL_SWITCH_RESPONSE:
		ieee80211_tdls_add_chan_switch_resp_ies(sdata, skb, peer,
							status_code,
							initiator, extra_ies,
							extra_ies_len);
		break;
	}
}
/*
 * Start a TDLS frame that is sent encapsulated as a data frame.
 *
 * The part of struct ieee80211_tdls_data that precedes the union is
 * reserved in @skb and filled with the destination (@peer), the source
 * (sdata->vif.addr), the TDLS ethertype and the payload type. Each case
 * then extends @skb by the size of its fixed fields and fills them from
 * @dialog_token and @status_code.
 *
 * Returns 0 on success or -EINVAL for an action code not listed below.
 * @wiphy is not used in the body.
 */
static int
ieee80211_prep_tdls_encap_data(struct wiphy *wiphy, struct net_device *dev,
			       const u8 *peer, u8 action_code, u8 dialog_token,
			       u16 status_code, struct sk_buff *skb)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_tdls_data *tf;

	/* everything up to, but not including, the per-action union */
	tf = (void *)skb_put(skb, offsetof(struct ieee80211_tdls_data, u));

	memcpy(tf->da, peer, ETH_ALEN);
	memcpy(tf->sa, sdata->vif.addr, ETH_ALEN);
	tf->ether_type = cpu_to_be16(ETH_P_TDLS);
	tf->payload_type = WLAN_TDLS_SNAP_RFTYPE;

	/* network header is after the ethernet header */
	skb_set_network_header(skb, ETH_HLEN);

	switch (action_code) {
	case WLAN_TDLS_SETUP_REQUEST:
		tf->category = WLAN_CATEGORY_TDLS;
		tf->action_code = WLAN_TDLS_SETUP_REQUEST;

		skb_put(skb, sizeof(tf->u.setup_req));
		tf->u.setup_req.dialog_token = dialog_token;
		tf->u.setup_req.capability =
			cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata,
								 status_code));
		break;
	case WLAN_TDLS_SETUP_RESPONSE:
		tf->category = WLAN_CATEGORY_TDLS;
		tf->action_code = WLAN_TDLS_SETUP_RESPONSE;

		skb_put(skb, sizeof(tf->u.setup_resp));
		tf->u.setup_resp.status_code = cpu_to_le16(status_code);
		tf->u.setup_resp.dialog_token = dialog_token;
		tf->u.setup_resp.capability =
			cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata,
								 status_code));
		break;
	case WLAN_TDLS_SETUP_CONFIRM:
		tf->category = WLAN_CATEGORY_TDLS;
		tf->action_code = WLAN_TDLS_SETUP_CONFIRM;

		skb_put(skb, sizeof(tf->u.setup_cfm));
		tf->u.setup_cfm.status_code = cpu_to_le16(status_code);
		tf->u.setup_cfm.dialog_token = dialog_token;
		break;
	case WLAN_TDLS_TEARDOWN:
		tf->category = WLAN_CATEGORY_TDLS;
		tf->action_code = WLAN_TDLS_TEARDOWN;

		skb_put(skb, sizeof(tf->u.teardown));
		/* for a teardown, status_code is sent as the reason code */
		tf->u.teardown.reason_code = cpu_to_le16(status_code);
		break;
	case WLAN_TDLS_DISCOVERY_REQUEST:
		tf->category = WLAN_CATEGORY_TDLS;
		tf->action_code = WLAN_TDLS_DISCOVERY_REQUEST;

		skb_put(skb, sizeof(tf->u.discover_req));
		tf->u.discover_req.dialog_token = dialog_token;
		break;
	case WLAN_TDLS_CHANNEL_SWITCH_REQUEST:
		tf->category = WLAN_CATEGORY_TDLS;
		tf->action_code = WLAN_TDLS_CHANNEL_SWITCH_REQUEST;

		/*
		 * only reserved here; the fields are filled in by
		 * ieee80211_tdls_add_chan_switch_req_ies()
		 */
		skb_put(skb, sizeof(tf->u.chan_switch_req));
		break;
	case WLAN_TDLS_CHANNEL_SWITCH_RESPONSE:
		tf->category = WLAN_CATEGORY_TDLS;
		tf->action_code = WLAN_TDLS_CHANNEL_SWITCH_RESPONSE;

		skb_put(skb, sizeof(tf->u.chan_switch_resp));
		tf->u.chan_switch_resp.status_code = cpu_to_le16(status_code);
		break;
	default:
		return -EINVAL;
	}

	return 0;
}
/*
 * Start a TDLS frame that is sent directly as a management action frame.
 *
 * A zeroed 24-byte header is reserved in @skb and filled with @peer, the
 * interface address and the BSSID. Only the TDLS discovery response is
 * supported; any other @action_code yields -EINVAL after the header has
 * been written. Returns 0 on success. @wiphy is not used in the body.
 */
static int
ieee80211_prep_tdls_direct(struct wiphy *wiphy, struct net_device *dev,
			   const u8 *peer, u8 action_code, u8 dialog_token,
			   u16 status_code, struct sk_buff *skb)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	/* 24: presumably the fixed 802.11 management header - TODO confirm */
	struct ieee80211_mgmt *hdr = (void *)skb_put(skb, 24);

	memset(hdr, 0, 24);
	memcpy(hdr->da, peer, ETH_ALEN);
	memcpy(hdr->sa, sdata->vif.addr, ETH_ALEN);
	memcpy(hdr->bssid, sdata->u.mgd.bssid, ETH_ALEN);

	hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
					 IEEE80211_STYPE_ACTION);

	if (action_code != WLAN_PUB_ACTION_TDLS_DISCOVER_RES)
		return -EINVAL;

	/* the extra byte presumably covers the category field - TODO confirm */
	skb_put(skb, 1 + sizeof(hdr->u.action.u.tdls_discover_resp));
	hdr->u.action.category = WLAN_CATEGORY_PUBLIC;
	hdr->u.action.u.tdls_discover_resp.action_code =
		WLAN_PUB_ACTION_TDLS_DISCOVER_RES;
	hdr->u.action.u.tdls_discover_resp.dialog_token = dialog_token;
	hdr->u.action.u.tdls_discover_resp.capability =
		cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata, status_code));

	return 0;
}
/*
 * Allocate and build a complete TDLS management frame.
 *
 * The skb is sized as the driver's TX headroom, plus the larger of the two
 * frame headers, plus a fixed allowance for every element the helpers may
 * add, plus @extra_ies_len. Every later skb_put() in the helpers relies on
 * this budget.
 *
 * NOTE(review): the allowances for supported rates and supported channels
 * are fixed estimates (50 bytes each), while the channel list length is
 * computed at run time in ieee80211_tdls_add_supp_channels() - confirm
 * the worst case fits.
 *
 * Returns the skb, or NULL when allocation fails, when the header could
 * not be prepared, or when @action_code is not supported; the skb is
 * freed on those paths.
 */
static struct sk_buff *
ieee80211_tdls_build_mgmt_packet_data(struct ieee80211_sub_if_data *sdata,
				      const u8 *peer, u8 action_code,
				      u8 dialog_token, u16 status_code,
				      bool initiator, const u8 *extra_ies,
				      size_t extra_ies_len, u8 oper_class,
				      struct cfg80211_chan_def *chandef)
{
	struct ieee80211_local *local = sdata->local;
	struct sk_buff *skb;
	int ret;

	skb = netdev_alloc_skb(sdata->dev,
			       local->hw.extra_tx_headroom +
			       max(sizeof(struct ieee80211_mgmt),
				   sizeof(struct ieee80211_tdls_data)) +
			       50 + /* supported rates */
			       10 + /* ext capab */
			       26 + /* max(WMM-info, WMM-param) */
			       2 + max(sizeof(struct ieee80211_ht_cap),
				       sizeof(struct ieee80211_ht_operation)) +
			       2 + max(sizeof(struct ieee80211_vht_cap),
				       sizeof(struct ieee80211_vht_operation)) +
			       50 + /* supported channels */
			       3 + /* 40/20 BSS coex */
			       4 + /* AID */
			       4 + /* oper classes */
			       extra_ies_len +
			       sizeof(struct ieee80211_tdls_lnkie));
	if (!skb)
		return NULL;

	skb_reserve(skb, local->hw.extra_tx_headroom);

	/* pick the header builder: encapsulated data frame or direct mgmt */
	switch (action_code) {
	case WLAN_TDLS_SETUP_REQUEST:
	case WLAN_TDLS_SETUP_RESPONSE:
	case WLAN_TDLS_SETUP_CONFIRM:
	case WLAN_TDLS_TEARDOWN:
	case WLAN_TDLS_DISCOVERY_REQUEST:
	case WLAN_TDLS_CHANNEL_SWITCH_REQUEST:
	case WLAN_TDLS_CHANNEL_SWITCH_RESPONSE:
		ret = ieee80211_prep_tdls_encap_data(local->hw.wiphy,
						     sdata->dev, peer,
						     action_code, dialog_token,
						     status_code, skb);
		break;
	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
		ret = ieee80211_prep_tdls_direct(local->hw.wiphy, sdata->dev,
						 peer, action_code,
						 dialog_token, status_code,
						 skb);
		break;
	default:
		ret = -ENOTSUPP;
		break;
	}

	if (ret < 0)
		goto fail;

	ieee80211_tdls_add_ies(sdata, skb, peer, action_code, status_code,
			       initiator, extra_ies, extra_ies_len, oper_class,
			       chandef);
	return skb;

fail:
	dev_kfree_skb(skb);
	return NULL;
}
/*
 * Build a TDLS management frame and hand it to the TX path.
 *
 * The @initiator value supplied by the caller is overridden for most
 * action codes, and forced to true whenever the peer station carries
 * WLAN_STA_TDLS_INITIATOR. The station lookup and flag updates run inside
 * an RCU read-side section.
 *
 * A discovery response is sent with ieee80211_tx_skb(); every other frame
 * gets a queue mapping and priority and goes through
 * __ieee80211_subif_start_xmit() with bottom halves disabled.
 *
 * For a teardown on hardware that reports TX ACK status, a copy of the
 * frame may be stored in sdata->u.mgd.teardown_skb under teardown_lock.
 *
 * Returns 0 on success, -ENOTSUPP for an unknown @action_code, or -EINVAL
 * when the frame could not be built. @wiphy and @peer_capability are not
 * used in the body.
 */
static int
ieee80211_tdls_prep_mgmt_packet(struct wiphy *wiphy, struct net_device *dev,
				const u8 *peer, u8 action_code, u8 dialog_token,
				u16 status_code, u32 peer_capability,
				bool initiator, const u8 *extra_ies,
				size_t extra_ies_len, u8 oper_class,
				struct cfg80211_chan_def *chandef)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct sk_buff *skb = NULL;
	struct sta_info *sta;
	u32 flags = 0;
	int ret = 0;

	rcu_read_lock();
	sta = sta_info_get(sdata, peer);

	/* infer the initiator if we can, to support old userspace */
	switch (action_code) {
	case WLAN_TDLS_SETUP_REQUEST:
		if (sta) {
			set_sta_flag(sta, WLAN_STA_TDLS_INITIATOR);
			sta->sta.tdls_initiator = false;
		}
		/* fall-through */
	case WLAN_TDLS_SETUP_CONFIRM:
	case WLAN_TDLS_DISCOVERY_REQUEST:
		initiator = true;
		break;
	case WLAN_TDLS_SETUP_RESPONSE:
		/*
		 * In some testing scenarios, we send a request and response.
		 * Make the last packet sent take effect for the initiator
		 * value.
		 */
		if (sta) {
			clear_sta_flag(sta, WLAN_STA_TDLS_INITIATOR);
			sta->sta.tdls_initiator = true;
		}
		/* fall-through */
	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
		initiator = false;
		break;
	case WLAN_TDLS_TEARDOWN:
	case WLAN_TDLS_CHANNEL_SWITCH_REQUEST:
	case WLAN_TDLS_CHANNEL_SWITCH_RESPONSE:
		/* any value is ok */
		break;
	default:
		ret = -ENOTSUPP;
		break;
	}

	/* the station flag wins over whatever was inferred above */
	if (sta && test_sta_flag(sta, WLAN_STA_TDLS_INITIATOR))
		initiator = true;

	rcu_read_unlock();
	if (ret < 0)
		goto fail;

	skb = ieee80211_tdls_build_mgmt_packet_data(sdata, peer, action_code,
						    dialog_token, status_code,
						    initiator, extra_ies,
						    extra_ies_len, oper_class,
						    chandef);
	if (!skb) {
		ret = -EINVAL;
		goto fail;
	}

	if (action_code == WLAN_PUB_ACTION_TDLS_DISCOVER_RES) {
		ieee80211_tx_skb(sdata, skb);
		return 0;
	}

	/*
	 * According to 802.11z: Setup req/resp are sent in AC_BK, otherwise
	 * we should default to AC_VI.
	 */
	switch (action_code) {
	case WLAN_TDLS_SETUP_REQUEST:
	case WLAN_TDLS_SETUP_RESPONSE:
		skb_set_queue_mapping(skb, IEEE80211_AC_BK);
		skb->priority = 2;
		break;
	default:
		skb_set_queue_mapping(skb, IEEE80211_AC_VI);
		skb->priority = 5;
		break;
	}

	/*
	 * Set the WLAN_TDLS_TEARDOWN flag to indicate a teardown in progress.
	 * Later, if no ACK is returned from peer, we will re-send the teardown
	 * packet through the AP.
	 */
	if ((action_code == WLAN_TDLS_TEARDOWN) &&
	    ieee80211_hw_check(&sdata->local->hw, REPORTS_TX_ACK_STATUS)) {
		bool try_resend; /* Should we keep skb for possible resend */

		/* If not sending directly to peer - no point in keeping skb */
		rcu_read_lock();
		sta = sta_info_get(sdata, peer);
		try_resend = sta && test_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
		rcu_read_unlock();

		spin_lock_bh(&sdata->u.mgd.teardown_lock);
		if (try_resend && !sdata->u.mgd.teardown_skb) {
			/* Mark it as requiring TX status callback */
			flags |= IEEE80211_TX_CTL_REQ_TX_STATUS |
				 IEEE80211_TX_INTFL_MLME_CONN_TX;

			/*
			 * skb is copied since mac80211 will later set
			 * properties that might not be the same as the AP,
			 * such as encryption, QoS, addresses, etc.
			 *
			 * No problem if skb_copy() fails, so no need to check.
			 */
			sdata->u.mgd.teardown_skb = skb_copy(skb, GFP_ATOMIC);
			/*
			 * NOTE(review): this keeps a pointer to an skb that
			 * is handed to the TX path below; presumably it is
			 * only compared, never dereferenced - confirm at the
			 * TX status handler.
			 */
			sdata->u.mgd.orig_teardown_skb = skb;
		}
		spin_unlock_bh(&sdata->u.mgd.teardown_lock);
	}

	/* disable bottom halves when entering the Tx path */
	local_bh_disable();
	__ieee80211_subif_start_xmit(skb, dev, flags);
	local_bh_enable();

	return ret;

fail:
	dev_kfree_skb(skb);
	return ret;
}
/*
 * Send a TDLS setup request or response and track the pending peer.
 *
 * Only one peer setup may be in flight per interface: the peer address is
 * recorded in sdata->u.mgd.tdls_peer under local->mtx, and a different
 * non-zero address there fails the call with -EBUSY. For a success status
 * a station entry for @peer must already exist (-ENOLINK otherwise).
 *
 * The mutex is dropped while the frame is prepared. If that fails the
 * recorded peer is cleared again; if it succeeds tdls_peer_del_work is
 * queued with TDLS_PEER_SETUP_TIMEOUT.
 *
 * Returns 0 on success, -ENOTSUPP when a forced SMPS mode other than off
 * is configured, -EBUSY, -ENOLINK, or the error from frame preparation.
 */
static int
ieee80211_tdls_mgmt_setup(struct wiphy *wiphy, struct net_device *dev,
			  const u8 *peer, u8 action_code, u8 dialog_token,
			  u16 status_code, u32 peer_capability, bool initiator,
			  const u8 *extra_ies, size_t extra_ies_len)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	enum ieee80211_smps_mode smps_mode = sdata->u.mgd.driver_smps_mode;
	int ret;

	/* don't support setup with forced SMPS mode that's not off */
	if (smps_mode != IEEE80211_SMPS_AUTOMATIC &&
	    smps_mode != IEEE80211_SMPS_OFF) {
		tdls_dbg(sdata, "Aborting TDLS setup due to SMPS mode %d\n",
			 smps_mode);
		return -ENOTSUPP;
	}

	mutex_lock(&local->mtx);

	/* we don't support concurrent TDLS peer setups */
	if (!is_zero_ether_addr(sdata->u.mgd.tdls_peer) &&
	    !ether_addr_equal(sdata->u.mgd.tdls_peer, peer)) {
		ret = -EBUSY;
		goto out_unlock;
	}

	/*
	 * make sure we have a STA representing the peer so we drop or buffer
	 * non-TDLS-setup frames to the peer. We can't send other packets
	 * during setup through the AP path.
	 * Allow error packets to be sent - sometimes we don't even add a STA
	 * before failing the setup.
	 */
	if (status_code == 0) {
		rcu_read_lock();
		if (!sta_info_get(sdata, peer)) {
			rcu_read_unlock();
			ret = -ENOLINK;
			goto out_unlock;
		}
		rcu_read_unlock();
	}

	ieee80211_flush_queues(local, sdata, false);
	/* record the peer before dropping the mutex */
	memcpy(sdata->u.mgd.tdls_peer, peer, ETH_ALEN);
	mutex_unlock(&local->mtx);

	/* we cannot take the mutex while preparing the setup packet */
	ret = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer, action_code,
					      dialog_token, status_code,
					      peer_capability, initiator,
					      extra_ies, extra_ies_len, 0,
					      NULL);
	if (ret < 0) {
		/* nothing was sent: forget the pending peer again */
		mutex_lock(&local->mtx);
		eth_zero_addr(sdata->u.mgd.tdls_peer);
		mutex_unlock(&local->mtx);
		return ret;
	}

	ieee80211_queue_delayed_work(&sdata->local->hw,
				     &sdata->u.mgd.tdls_peer_del_work,
				     TDLS_PEER_SETUP_TIMEOUT);
	return 0;

out_unlock:
	mutex_unlock(&local->mtx);
	return ret;
}
/*
 * Send a TDLS teardown frame and stop direct traffic to the peer.
 *
 * The interface queues are stopped and flushed before the frame is built,
 * and woken again at the end. A failure to send the frame is logged but
 * not returned: the peer's WLAN_STA_TDLS_PEER_AUTH flag is cleared either
 * way and the function always returns 0.
 */
static int
ieee80211_tdls_mgmt_teardown(struct wiphy *wiphy, struct net_device *dev,
			     const u8 *peer, u8 action_code, u8 dialog_token,
			     u16 status_code, u32 peer_capability,
			     bool initiator, const u8 *extra_ies,
			     size_t extra_ies_len)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct sta_info *sta;
	int ret;

	/*
	 * No packets can be transmitted to the peer via the AP during setup -
	 * the STA is set as a TDLS peer, but is not authorized.
	 * During teardown, we prevent direct transmissions by stopping the
	 * queues and flushing all direct packets.
	 */
	ieee80211_stop_vif_queues(local, sdata,
				  IEEE80211_QUEUE_STOP_REASON_TDLS_TEARDOWN);
	ieee80211_flush_queues(local, sdata, false);

	ret = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer, action_code,
					      dialog_token, status_code,
					      peer_capability, initiator,
					      extra_ies, extra_ies_len, 0,
					      NULL);
	if (ret < 0)
		sdata_err(sdata, "Failed sending TDLS teardown packet %d\n",
			  ret);

	/*
	 * Remove the STA AUTH flag to force further traffic through the AP. If
	 * the STA was unreachable, it was already removed.
	 */
	rcu_read_lock();
	sta = sta_info_get(sdata, peer);
	if (sta)
		clear_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
	rcu_read_unlock();

	ieee80211_wake_vif_queues(local, sdata,
				  IEEE80211_QUEUE_STOP_REASON_TDLS_TEARDOWN);

	return 0;
}
/*
 * Entry point for sending a TDLS management frame of type @action_code.
 *
 * The request is rejected with -ENOTSUPP when the wiphy does not advertise
 * WIPHY_FLAG_SUPPORTS_TDLS, and with -EINVAL unless the interface is a
 * station that is currently associated. Setup and teardown have dedicated
 * handlers; the remaining supported frames are built and sent directly.
 * Unknown action codes yield -EOPNOTSUPP.
 *
 * NOTE(review): @peer, @extra_ies and @extra_ies_len are passed through
 * without any check here - presumably they are validated by the caller
 * before this function is reached; confirm.
 *
 * Returns 0 on success or a negative errno.
 */
int ieee80211_tdls_mgmt(struct wiphy *wiphy, struct net_device *dev,
			const u8 *peer, u8 action_code, u8 dialog_token,
			u16 status_code, u32 peer_capability,
			bool initiator, const u8 *extra_ies,
			size_t extra_ies_len)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	int ret;

	if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
		return -ENOTSUPP;

	/* make sure we are in managed mode, and associated */
	if (sdata->vif.type != NL80211_IFTYPE_STATION ||
	    !sdata->u.mgd.associated)
		return -EINVAL;

	switch (action_code) {
	case WLAN_TDLS_SETUP_REQUEST:
	case WLAN_TDLS_SETUP_RESPONSE:
		ret = ieee80211_tdls_mgmt_setup(wiphy, dev, peer, action_code,
						dialog_token, status_code,
						peer_capability, initiator,
						extra_ies, extra_ies_len);
		break;
	case WLAN_TDLS_TEARDOWN:
		ret = ieee80211_tdls_mgmt_teardown(wiphy, dev, peer,
						   action_code, dialog_token,
						   status_code,
						   peer_capability, initiator,
						   extra_ies, extra_ies_len);
		break;
	case WLAN_TDLS_DISCOVERY_REQUEST:
		/*
		 * Protect the discovery so we can hear the TDLS discovery
		 * response frame. It is transmitted directly and not buffered
		 * by the AP.
		 */
		drv_mgd_protect_tdls_discover(sdata->local, sdata);
		/* fall-through */
	case WLAN_TDLS_SETUP_CONFIRM:
	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
		/* no special handling */
		ret = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer,
						      action_code,
						      dialog_token,
						      status_code,
						      peer_capability,
						      initiator, extra_ies,
						      extra_ies_len, 0, NULL);
		break;
	default:
		ret = -EOPNOTSUPP;
		break;
	}

	tdls_dbg(sdata, "TDLS mgmt action %d peer %pM status %d\n",
		 action_code, peer, ret);
	return ret;
}
/*
 * Re-evaluate the channel type of the channel context this interface is
 * bound to, if it has one. Takes and releases local->chanctx_mtx.
 */
static void iee80211_tdls_recalc_chanctx(struct ieee80211_sub_if_data *sdata)
{
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_chanctx_conf *conf;

	mutex_lock(&local->chanctx_mtx);

	/* chanctx_mtx is held, so a plain protected dereference is enough */
	conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
					 lockdep_is_held(&local->chanctx_mtx));
	if (conf)
		ieee80211_recalc_chanctx_chantype(local,
				container_of(conf, struct ieee80211_chanctx,
					     conf));

	mutex_unlock(&local->chanctx_mtx);
}
/*
 * Report whether @sdata currently has at least one HT-capable TDLS peer.
 *
 * A station counts only if it is a TDLS station of this interface, has
 * been uploaded, and carries both WLAN_STA_AUTHORIZED and
 * WLAN_STA_TDLS_PEER_AUTH. The station list is walked under
 * rcu_read_lock().
 *
 * Returns non-zero when such a peer exists, 0 otherwise.
 */
static int iee80211_tdls_have_ht_peers(struct ieee80211_sub_if_data *sdata)
{
	struct sta_info *sta;
	bool found = false;

	rcu_read_lock();
	list_for_each_entry_rcu(sta, &sdata->local->sta_list, list) {
		if (sta->sta.tdls && sta->sdata == sdata && sta->uploaded &&
		    test_sta_flag(sta, WLAN_STA_AUTHORIZED) &&
		    test_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH) &&
		    sta->sta.ht_cap.ht_supported) {
			found = true;
			break;
		}
	}
	rcu_read_unlock();

	return found;
}
/*
 * Recompute the HT protection bits of the BSS operation mode for TDLS.
 *
 * Only relevant when HT is disabled on the BSS connection
 * (IEEE80211_STA_DISABLE_HT set); otherwise nothing is changed. The
 * protection bits are set while @sta (may be NULL) or any other
 * authorized TDLS peer of @sdata supports HT, and cleared otherwise.
 * The driver is notified with BSS_CHANGED_HT only when the mode changes.
 */
static void
iee80211_tdls_recalc_ht_protection(struct ieee80211_sub_if_data *sdata,
				   struct sta_info *sta)
{
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	const u16 prot_bits = IEEE80211_HT_OP_MODE_PROTECTION_NONHT_MIXED |
			      IEEE80211_HT_OP_MODE_NON_GF_STA_PRSNT |
			      IEEE80211_HT_OP_MODE_NON_HT_STA_PRSNT;
	u16 current_mode, wanted_mode;
	bool need_protection;

	/* an HT BSS connection needs no adjustment */
	if (!(ifmgd->flags & IEEE80211_STA_DISABLE_HT))
		return;

	need_protection = (sta && sta->sta.ht_cap.ht_supported) ||
			  iee80211_tdls_have_ht_peers(sdata);

	current_mode = sdata->vif.bss_conf.ht_operation_mode;
	wanted_mode = need_protection ? (current_mode | prot_bits)
				      : (current_mode & ~prot_bits);

	/* avoid a pointless notification to the driver */
	if (wanted_mode == current_mode)
		return;

	sdata->vif.bss_conf.ht_operation_mode = wanted_mode;
	ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_HT);
}
/*
 * cfg80211 entry point for TDLS link operations on @peer.
 *
 * Only NL80211_TDLS_ENABLE_LINK and NL80211_TDLS_DISABLE_LINK are
 * implemented; setup, teardown and discovery are not done in-driver and
 * are refused before any lock is taken.
 *
 * Enabling a link marks the peer station WLAN_STA_TDLS_PEER_AUTH (and is
 * refused while a channel switch announcement is active). Disabling a
 * link destroys the peer station. On success the pending "peer setup"
 * bookkeeping for @peer is cleared and an SMPS re-evaluation is queued.
 *
 * Returns 0 or a negative errno.
 */
int ieee80211_tdls_oper(struct wiphy *wiphy, struct net_device *dev,
			const u8 *peer, enum nl80211_tdls_operation oper)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct sta_info *sta;
	int err;

	if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
		return -ENOTSUPP;

	if (sdata->vif.type != NL80211_IFTYPE_STATION)
		return -EINVAL;

	/* in-driver setup/teardown/discovery is not supported */
	if (oper == NL80211_TDLS_TEARDOWN ||
	    oper == NL80211_TDLS_SETUP ||
	    oper == NL80211_TDLS_DISCOVERY_REQ)
		return -ENOTSUPP;

	/*
	 * bss_conf may be modified below and
	 * ieee80211_bss_info_change_notify() must not run concurrently,
	 * hence both locks.
	 */
	sdata_lock(sdata);
	mutex_lock(&local->mtx);
	tdls_dbg(sdata, "TDLS oper %d peer %pM\n", oper, peer);

	switch (oper) {
	case NL80211_TDLS_ENABLE_LINK:
		if (sdata->vif.csa_active) {
			tdls_dbg(sdata, "TDLS: disallow link during CSA\n");
			err = -EBUSY;
			break;
		}

		iee80211_tdls_recalc_chanctx(sdata);

		mutex_lock(&local->sta_mtx);
		sta = sta_info_get(sdata, peer);
		if (!sta) {
			mutex_unlock(&local->sta_mtx);
			err = -ENOLINK;
			break;
		}

		iee80211_tdls_recalc_ht_protection(sdata, sta);

		/* from here on direct traffic to the peer is allowed */
		set_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
		mutex_unlock(&local->sta_mtx);

		/* the link being enabled should be the one under setup */
		WARN_ON_ONCE(is_zero_ether_addr(sdata->u.mgd.tdls_peer) ||
			     !ether_addr_equal(sdata->u.mgd.tdls_peer, peer));
		err = 0;
		break;
	case NL80211_TDLS_DISABLE_LINK:
		/*
		 * ieee80211_tdls_mgmt_teardown() built the teardown frame
		 * while the queues were stopped, so it may still sit on
		 * the pending list. Let the pending-frames tasklet handle
		 * it before flushing, otherwise the station could be
		 * destroyed before the teardown frame is sent. This only
		 * forces the tasklet to process what is pending; it does
		 * not stop the tasklet from rescheduling itself.
		 */
		tasklet_kill(&local->tx_pending_tasklet);
		/* push out a teardown frame that may have been queued */
		ieee80211_flush_queues(local, sdata, false);

		err = sta_info_destroy_addr(sdata, peer);

		mutex_lock(&local->sta_mtx);
		iee80211_tdls_recalc_ht_protection(sdata, NULL);
		mutex_unlock(&local->sta_mtx);

		iee80211_tdls_recalc_chanctx(sdata);
		break;
	default:
		err = -ENOTSUPP;
		break;
	}

	if (err == 0) {
		/* setup for this peer is over, one way or the other */
		if (ether_addr_equal(sdata->u.mgd.tdls_peer, peer)) {
			cancel_delayed_work(&sdata->u.mgd.tdls_peer_del_work);
			eth_zero_addr(sdata->u.mgd.tdls_peer);
		}

		ieee80211_queue_work(&sdata->local->hw,
				     &sdata->u.mgd.request_smps_work);
	}

	mutex_unlock(&local->mtx);
	sdata_unlock(sdata);
	return err;
}
/*
 * Ask cfg80211 to carry out a TDLS operation towards @peer.
 *
 * The request is forwarded only for an associated station interface;
 * anything else is logged with sdata_err() and dropped.
 */
void ieee80211_tdls_oper_request(struct ieee80211_vif *vif, const u8 *peer,
				 enum nl80211_tdls_operation oper,
				 u16 reason_code, gfp_t gfp)
{
	struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);

	if (vif->type == NL80211_IFTYPE_STATION && vif->bss_conf.assoc) {
		cfg80211_tdls_oper_request(sdata->dev, peer, oper,
					   reason_code, gfp);
		return;
	}

	sdata_err(sdata, "Discarding TDLS oper %d - not STA or disconnected\n",
		  oper);
}
EXPORT_SYMBOL(ieee80211_tdls_oper_request);
/*
 * Write a Channel Switch Timing element at @buf: element ID, length, then
 * the two little-endian timing values.
 *
 * No bounds are checked here: the caller must provide at least
 * 2 + sizeof(struct ieee80211_ch_switch_timing) writable bytes.
 */
static void
iee80211_tdls_add_ch_switch_timing(u8 *buf, u16 switch_time, u16 switch_timeout)
{
	/* the element body starts right after the two header bytes */
	struct ieee80211_ch_switch_timing *timing = (void *)(buf + 2);

	buf[0] = WLAN_EID_CHAN_SWITCH_TIMING;
	buf[1] = sizeof(*timing);

	timing->switch_time = cpu_to_le16(switch_time);
	timing->switch_timeout = cpu_to_le16(switch_timeout);
}
/*
 * Locate the Channel Switch Timing element in an SKB that is ready for Tx.
 *
 * Returns a pointer to the element inside @skb, or NULL if
 * cfg80211_find_ie() does not find one.
 */
static const u8 *ieee80211_tdls_find_sw_timing_ie(struct sk_buff *skb)
{
	struct ieee80211_tdls_data *tf;
	const u8 *ies;

	/*
	 * In the finished frame the network header points at the
	 * "payload_type" field of the TDLS data frame, so step back from
	 * there to the start of the structure to find the elements.
	 */
	tf = container_of(skb->data + skb_network_offset(skb),
			  struct ieee80211_tdls_data, payload_type);
	ies = tf->u.chan_switch_req.variable;

	/* search only what is left of the frame after the fixed fields */
	return cfg80211_find_ie(WLAN_EID_CHAN_SWITCH_TIMING, ies,
				skb->len - (ies - skb->data));
}
/*
 * Build a TDLS Channel Switch Request template frame for @sta.
 *
 * The frame carries a Channel Switch Timing element with both values set
 * to zero, preceded by a Secondary Channel Offset element when @chandef
 * is 40 MHz wide. When @ch_sw_tm_ie_offset is non-NULL it receives the
 * offset of the timing element from skb->data.
 *
 * Returns the new SKB (owned by the caller) or NULL on failure.
 */
static struct sk_buff *
ieee80211_tdls_ch_sw_tmpl_get(struct sta_info *sta, u8 oper_class,
			      struct cfg80211_chan_def *chandef,
			      u32 *ch_sw_tm_ie_offset)
{
	struct ieee80211_sub_if_data *sdata = sta->sdata;
	/* room for both elements, each with its two-byte header */
	u8 ies[2 + sizeof(struct ieee80211_sec_chan_offs_ie) +
	       2 + sizeof(struct ieee80211_ch_switch_timing)];
	u8 *cursor = ies;
	struct sk_buff *tmpl;
	int ies_len;

	/* a wide channel needs a Secondary-Channel Offset element */
	if (chandef->width == NL80211_CHAN_WIDTH_40) {
		struct ieee80211_sec_chan_offs_ie *sec_offs;

		*cursor++ = WLAN_EID_SECONDARY_CHANNEL_OFFSET;
		*cursor++ = sizeof(*sec_offs);
		sec_offs = (void *)cursor;

		if (cfg80211_get_chandef_type(chandef) ==
		    NL80211_CHAN_HT40PLUS)
			sec_offs->sec_chan_offs =
				IEEE80211_HT_PARAM_CHA_SEC_ABOVE;
		else
			sec_offs->sec_chan_offs =
				IEEE80211_HT_PARAM_CHA_SEC_BELOW;
		cursor += sizeof(*sec_offs);
	}

	/* template only: the timing values stay zero */
	iee80211_tdls_add_ch_switch_timing(cursor, 0, 0);
	ies_len = (cursor - ies) + 2 + sizeof(struct ieee80211_ch_switch_timing);

	tmpl = ieee80211_tdls_build_mgmt_packet_data(sdata, sta->sta.addr,
					      WLAN_TDLS_CHANNEL_SWITCH_REQUEST,
					      0, 0, !sta->sta.tdls_initiator,
					      ies, ies_len,
					      oper_class, chandef);
	if (!tmpl)
		return NULL;

	tmpl = ieee80211_build_data_template(sdata, tmpl, 0);
	if (IS_ERR(tmpl)) {
		tdls_dbg(sdata, "Failed building TDLS channel switch frame\n");
		return NULL;
	}

	if (ch_sw_tm_ie_offset) {
		const u8 *timing_ie = ieee80211_tdls_find_sw_timing_ie(tmpl);

		if (!timing_ie) {
			tdls_dbg(sdata, "No switch timing IE in TDLS switch\n");
			dev_kfree_skb_any(tmpl);
			return NULL;
		}

		*ch_sw_tm_ie_offset = timing_ie - tmpl->data;
	}

	tdls_dbg(sdata,
		 "TDLS channel switch request template for %pM ch %d width %d\n",
		 sta->sta.addr, chandef->chan->center_freq, chandef->width);
	return tmpl;
}
/*
 * Start a TDLS channel switch towards the peer @addr.
 *
 * The peer must be a known station carrying WLAN_STA_TDLS_CHAN_SWITCH.
 * A request template is built and handed to the driver; when the driver
 * accepts it the station is flagged WLAN_STA_TDLS_OFF_CHANNEL. The
 * template is released here in every case.
 *
 * Returns 0 or a negative errno. Runs under local->sta_mtx.
 */
int
ieee80211_tdls_channel_switch(struct wiphy *wiphy, struct net_device *dev,
			      const u8 *addr, u8 oper_class,
			      struct cfg80211_chan_def *chandef)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct sk_buff *tmpl = NULL;
	struct sta_info *sta;
	u32 timing_ie_offset;
	int err;

	mutex_lock(&local->sta_mtx);

	sta = sta_info_get(sdata, addr);
	if (!sta) {
		tdls_dbg(sdata,
			 "Invalid TDLS peer %pM for channel switch request\n",
			 addr);
		err = -ENOENT;
		goto unlock;
	}

	if (!test_sta_flag(sta, WLAN_STA_TDLS_CHAN_SWITCH)) {
		tdls_dbg(sdata, "TDLS channel switch unsupported by %pM\n",
			 addr);
		err = -ENOTSUPP;
		goto unlock;
	}

	tmpl = ieee80211_tdls_ch_sw_tmpl_get(sta, oper_class, chandef,
					     &timing_ie_offset);
	if (!tmpl) {
		err = -ENOENT;
		goto unlock;
	}

	err = drv_tdls_channel_switch(local, sdata, &sta->sta, oper_class,
				      chandef, tmpl, timing_ie_offset);
	if (err == 0)
		set_sta_flag(sta, WLAN_STA_TDLS_OFF_CHANNEL);

unlock:
	mutex_unlock(&local->sta_mtx);
	/* tmpl is still NULL on the early-exit paths */
	dev_kfree_skb_any(tmpl);
	return err;
}
/*
 * Cancel an ongoing TDLS channel switch with the peer @addr.
 *
 * Nothing is done (apart from a debug message) when the peer is unknown
 * or is not flagged WLAN_STA_TDLS_OFF_CHANNEL. Otherwise the driver is
 * told to cancel and the flag is cleared. Runs under local->sta_mtx.
 */
void
ieee80211_tdls_cancel_channel_switch(struct wiphy *wiphy,
				     struct net_device *dev,
				     const u8 *addr)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct sta_info *sta;

	mutex_lock(&local->sta_mtx);

	sta = sta_info_get(sdata, addr);
	if (!sta) {
		tdls_dbg(sdata,
			 "Invalid TDLS peer %pM for channel switch cancel\n",
			 addr);
	} else if (!test_sta_flag(sta, WLAN_STA_TDLS_OFF_CHANNEL)) {
		tdls_dbg(sdata, "TDLS channel switch not initiated by %pM\n",
			 addr);
	} else {
		drv_tdls_cancel_channel_switch(local, sdata, &sta->sta);
		clear_sta_flag(sta, WLAN_STA_TDLS_OFF_CHANNEL);
	}

	mutex_unlock(&local->sta_mtx);
}
/*
 * Build a TDLS Channel Switch Response template frame for @sta.
 *
 * The only extra element is a Channel Switch Timing element with both
 * values zero. When @ch_sw_tm_ie_offset is non-NULL it receives the
 * offset of that element from skb->data.
 *
 * Returns the new SKB (owned by the caller) or NULL on failure.
 */
static struct sk_buff *
ieee80211_tdls_ch_sw_resp_tmpl_get(struct sta_info *sta,
				   u32 *ch_sw_tm_ie_offset)
{
	struct ieee80211_sub_if_data *sdata = sta->sdata;
	u8 timing_ie[2 + sizeof(struct ieee80211_ch_switch_timing)];
	struct sk_buff *tmpl;

	/* a template always starts out with zero timing values */
	iee80211_tdls_add_ch_switch_timing(timing_ie, 0, 0);

	tmpl = ieee80211_tdls_build_mgmt_packet_data(sdata, sta->sta.addr,
					WLAN_TDLS_CHANNEL_SWITCH_RESPONSE,
					0, 0, !sta->sta.tdls_initiator,
					timing_ie, sizeof(timing_ie), 0, NULL);
	if (!tmpl)
		return NULL;

	tmpl = ieee80211_build_data_template(sdata, tmpl, 0);
	if (IS_ERR(tmpl)) {
		tdls_dbg(sdata,
			 "Failed building TDLS channel switch resp frame\n");
		return NULL;
	}

	if (ch_sw_tm_ie_offset) {
		const u8 *found = ieee80211_tdls_find_sw_timing_ie(tmpl);

		if (!found) {
			tdls_dbg(sdata,
				 "No switch timing IE in TDLS switch resp\n");
			dev_kfree_skb_any(tmpl);
			return NULL;
		}

		*ch_sw_tm_ie_offset = found - tmpl->data;
	}

	tdls_dbg(sdata, "TDLS get channel switch response template for %pM\n",
		 sta->sta.addr);
	return tmpl;
}
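/*
 * Handle a received TDLS Channel Switch Response.
 *
 * The frame contents are supplied by the remote peer, so every field is
 * checked before it is used:
 *  - the frame must be long enough to hold the fixed response fields;
 *  - the sender must be a known station carrying WLAN_STA_TDLS_PEER_AUTH;
 *  - for a successful status, the elements must parse cleanly, the
 *    timing and link-identifier elements must be present, and the
 *    link-identifier's initiator must agree with our record of who
 *    initiated the link.
 * A non-zero status is passed to the driver without parsing elements.
 *
 * Returns 0 when the driver was notified, a negative errno otherwise.
 * The return value is assigned on every path that reaches the final
 * return, so it never depends on how the local is declared.
 */
static int
ieee80211_process_tdls_channel_switch_resp(struct ieee80211_sub_if_data *sdata,
					   struct sk_buff *skb)
{
	struct ieee80211_local *local = sdata->local;
	struct ieee802_11_elems elems;
	struct sta_info *sta;
	struct ieee80211_tdls_data *tf = (void *)skb->data;
	bool local_initiator;
	struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
	int baselen = offsetof(typeof(*tf), u.chan_switch_resp.variable);
	struct ieee80211_tdls_ch_sw_params params = {};
	int ret;

	params.action_code = WLAN_TDLS_CHANNEL_SWITCH_RESPONSE;
	params.timestamp = rx_status->device_timestamp;

	/* do not touch the fixed fields of a truncated frame */
	if (skb->len < baselen) {
		tdls_dbg(sdata, "TDLS channel switch resp too short: %d\n",
			 skb->len);
		return -EINVAL;
	}

	mutex_lock(&local->sta_mtx);

	/* only an established, authorized TDLS peer may drive a switch */
	sta = sta_info_get(sdata, tf->sa);
	if (!sta || !test_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH)) {
		tdls_dbg(sdata, "TDLS chan switch from non-peer sta %pM\n",
			 tf->sa);
		ret = -EINVAL;
		goto out;
	}

	params.sta = &sta->sta;
	params.status = le16_to_cpu(tf->u.chan_switch_resp.status_code);

	/* a rejection carries nothing else of interest for the driver */
	if (params.status != 0)
		goto call_drv;

	ieee802_11_parse_elems(tf->u.chan_switch_resp.variable,
			       skb->len - baselen, false, &elems);
	if (elems.parse_error) {
		tdls_dbg(sdata, "Invalid IEs in TDLS channel switch resp\n");
		ret = -EINVAL;
		goto out;
	}

	/* both pointers are dereferenced below */
	if (!elems.ch_sw_timing || !elems.lnk_id) {
		tdls_dbg(sdata, "TDLS channel switch resp - missing IEs\n");
		ret = -EINVAL;
		goto out;
	}

	/* validate the initiator is set correctly */
	local_initiator =
		!memcmp(elems.lnk_id->init_sta, sdata->vif.addr, ETH_ALEN);
	if (local_initiator == sta->sta.tdls_initiator) {
		tdls_dbg(sdata, "TDLS chan switch invalid lnk-id initiator\n");
		ret = -EINVAL;
		goto out;
	}

	params.switch_time = le16_to_cpu(elems.ch_sw_timing->switch_time);
	params.switch_timeout = le16_to_cpu(elems.ch_sw_timing->switch_timeout);

	params.tmpl_skb =
		ieee80211_tdls_ch_sw_resp_tmpl_get(sta, &params.ch_sw_tm_ie);
	if (!params.tmpl_skb) {
		ret = -ENOENT;
		goto out;
	}

call_drv:
	/* reached by the rejected-status shortcut and by the validated path */
	ret = 0;
	drv_tdls_recv_channel_switch(sdata->local, sdata, &params);

	tdls_dbg(sdata,
		 "TDLS channel switch response received from %pM status %d\n",
		 tf->sa, params.status);

out:
	mutex_unlock(&local->sta_mtx);
	/* params is zero-initialised, so tmpl_skb may still be NULL here */
	dev_kfree_skb_any(params.tmpl_skb);
	return ret;
}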
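/*
 * Handle a received TDLS Channel Switch Request.
 *
 * The frame contents are supplied by the remote peer, so every field is
 * checked before it is used:
 *  - the frame must be long enough to hold the fixed request fields;
 *  - the target channel must map to a frequency this wiphy knows;
 *  - the elements must parse cleanly and include the timing and
 *    link-identifier elements;
 *  - the resulting channel definition must pass the regulatory check;
 *  - the sender must be a known station carrying WLAN_STA_TDLS_PEER_AUTH
 *    and the link-identifier's initiator must agree with our record;
 *  - a peer without HT support may not ask for a wide channel.
 *
 * Returns 0 when the driver was notified, a negative errno otherwise.
 * The return value is assigned on every path that reaches the final
 * return, so it never depends on how the local is declared.
 */
static int
ieee80211_process_tdls_channel_switch_req(struct ieee80211_sub_if_data *sdata,
					  struct sk_buff *skb)
{
	struct ieee80211_local *local = sdata->local;
	struct ieee802_11_elems elems;
	struct cfg80211_chan_def chandef;
	struct ieee80211_channel *chan;
	enum nl80211_channel_type chan_type;
	int freq;
	u8 target_channel, oper_class;
	bool local_initiator;
	struct sta_info *sta;
	enum ieee80211_band band;
	struct ieee80211_tdls_data *tf = (void *)skb->data;
	struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
	int baselen = offsetof(typeof(*tf), u.chan_switch_req.variable);
	struct ieee80211_tdls_ch_sw_params params = {};
	int ret;

	params.action_code = WLAN_TDLS_CHANNEL_SWITCH_REQUEST;
	params.timestamp = rx_status->device_timestamp;

	/* do not touch the fixed fields of a truncated frame */
	if (skb->len < baselen) {
		tdls_dbg(sdata, "TDLS channel switch req too short: %d\n",
			 skb->len);
		return -EINVAL;
	}

	target_channel = tf->u.chan_switch_req.target_channel;
	oper_class = tf->u.chan_switch_req.oper_class;

	/*
	 * The operating class alone does not identify the band: there are
	 * several tables (US/Europe/JP/Global). Channels below 14 are
	 * therefore taken as 2 GHz and the rest as 5 GHz, except for the
	 * operating classes listed here, whose low channel numbers are
	 * 5 GHz ones. Only the 2 GHz and 5 GHz bands and 20 MHz+ channels
	 * are considered.
	 *
	 * NOTE(review): channel 14 itself is classified as 5 GHz by this
	 * test; presumably the frequency/channel lookups below then reject
	 * it - confirm.
	 */
	if ((oper_class == 112 || oper_class == 2 || oper_class == 3 ||
	     oper_class == 4 || oper_class == 5 || oper_class == 6) &&
	     target_channel < 14)
		band = IEEE80211_BAND_5GHZ;
	else
		band = target_channel < 14 ? IEEE80211_BAND_2GHZ :
					     IEEE80211_BAND_5GHZ;

	freq = ieee80211_channel_to_frequency(target_channel, band);
	if (freq == 0) {
		tdls_dbg(sdata, "Invalid channel in TDLS chan switch: %d\n",
			 target_channel);
		return -EINVAL;
	}

	/* the peer may only name a channel this device actually has */
	chan = ieee80211_get_channel(sdata->local->hw.wiphy, freq);
	if (!chan) {
		tdls_dbg(sdata,
			 "Unsupported channel for TDLS chan switch: %d\n",
			 target_channel);
		return -EINVAL;
	}

	ieee802_11_parse_elems(tf->u.chan_switch_req.variable,
			       skb->len - baselen, false, &elems);
	if (elems.parse_error) {
		tdls_dbg(sdata, "Invalid IEs in TDLS channel switch req\n");
		return -EINVAL;
	}

	/* both pointers are dereferenced below */
	if (!elems.ch_sw_timing || !elems.lnk_id) {
		tdls_dbg(sdata, "TDLS channel switch req - missing IEs\n");
		return -EINVAL;
	}

	/* an absent or unrecognised secondary-channel offset means 20 MHz */
	if (!elems.sec_chan_offs) {
		chan_type = NL80211_CHAN_HT20;
	} else {
		switch (elems.sec_chan_offs->sec_chan_offs) {
		case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
			chan_type = NL80211_CHAN_HT40PLUS;
			break;
		case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
			chan_type = NL80211_CHAN_HT40MINUS;
			break;
		default:
			chan_type = NL80211_CHAN_HT20;
			break;
		}
	}

	cfg80211_chandef_create(&chandef, chan, chan_type);

	/* we will be active on the TDLS link */
	if (!cfg80211_reg_can_beacon_relax(sdata->local->hw.wiphy, &chandef,
					   sdata->wdev.iftype)) {
		tdls_dbg(sdata, "TDLS chan switch to forbidden channel\n");
		return -EINVAL;
	}

	mutex_lock(&local->sta_mtx);

	/* only an established, authorized TDLS peer may drive a switch */
	sta = sta_info_get(sdata, tf->sa);
	if (!sta || !test_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH)) {
		tdls_dbg(sdata, "TDLS chan switch from non-peer sta %pM\n",
			 tf->sa);
		ret = -EINVAL;
		goto out;
	}

	params.sta = &sta->sta;

	/* validate the initiator is set correctly */
	local_initiator =
		!memcmp(elems.lnk_id->init_sta, sdata->vif.addr, ETH_ALEN);
	if (local_initiator == sta->sta.tdls_initiator) {
		tdls_dbg(sdata, "TDLS chan switch invalid lnk-id initiator\n");
		ret = -EINVAL;
		goto out;
	}

	/* peer should have known better */
	if (!sta->sta.ht_cap.ht_supported && elems.sec_chan_offs &&
	    elems.sec_chan_offs->sec_chan_offs) {
		tdls_dbg(sdata, "TDLS chan switch - wide chan unsupported\n");
		ret = -ENOTSUPP;
		goto out;
	}

	/* chandef lives on this stack frame; the driver call is synchronous */
	params.chandef = &chandef;
	params.switch_time = le16_to_cpu(elems.ch_sw_timing->switch_time);
	params.switch_timeout = le16_to_cpu(elems.ch_sw_timing->switch_timeout);

	params.tmpl_skb =
		ieee80211_tdls_ch_sw_resp_tmpl_get(sta,
						   &params.ch_sw_tm_ie);
	if (!params.tmpl_skb) {
		ret = -ENOENT;
		goto out;
	}

	ret = 0;
	drv_tdls_recv_channel_switch(sdata->local, sdata, &params);

	tdls_dbg(sdata,
		 "TDLS ch switch request received from %pM ch %d width %d\n",
		 tf->sa, params.chandef->chan->center_freq,
		 params.chandef->width);
out:
	mutex_unlock(&local->sta_mtx);
	/* params is zero-initialised, so tmpl_skb may still be NULL here */
	dev_kfree_skb_any(params.tmpl_skb);
	return ret;
}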
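/*
 * Dispatch a queued TDLS channel-switch frame to the request or response
 * handler, provided the driver advertises
 * NL80211_FEATURE_TDLS_CHANNEL_SWITCH. The handlers' return values are
 * not used. The SKB is not freed here.
 */
static void
ieee80211_process_tdls_channel_switch(struct ieee80211_sub_if_data *sdata,
				      struct sk_buff *skb)
{
	struct ieee80211_tdls_data *tf;
	struct wiphy *wiphy = sdata->local->hw.wiphy;

	ASSERT_RTNL();

	/* make sure the driver supports it */
	if (!(wiphy->features & NL80211_FEATURE_TDLS_CHANNEL_SWITCH))
		return;

	/* we want to access the entire packet */
	if (skb_linearize(skb))
		return;

	/*
	 * Linearizing may reallocate the SKB head, which invalidates any
	 * pointer taken into skb->data beforehand, so the frame pointer is
	 * only set up now.
	 */
	tf = (void *)skb->data;

	/*
	 * The packet/size was already validated by mac80211 Rx path, only look
	 * at the action type.
	 */
	switch (tf->action_code) {
	case WLAN_TDLS_CHANNEL_SWITCH_REQUEST:
		ieee80211_process_tdls_channel_switch_req(sdata, skb);
		break;
	case WLAN_TDLS_CHANNEL_SWITCH_RESPONSE:
		ieee80211_process_tdls_channel_switch_resp(sdata, skb);
		break;
	default:
		WARN_ON_ONCE(1);
		return;
	}
}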
/*
 * Request teardown of every TDLS link on @sdata.
 *
 * For each uploaded, authorized TDLS station of this interface a
 * NL80211_TDLS_TEARDOWN request with reason
 * WLAN_REASON_TDLS_TEARDOWN_UNSPECIFIED is raised. The station list is
 * walked under rcu_read_lock(), hence the atomic allocation.
 */
void ieee80211_teardown_tdls_peers(struct ieee80211_sub_if_data *sdata)
{
	const u16 reason = WLAN_REASON_TDLS_TEARDOWN_UNSPECIFIED;
	struct sta_info *sta;

	rcu_read_lock();
	list_for_each_entry_rcu(sta, &sdata->local->sta_list, list) {
		bool eligible = sta->sta.tdls && sta->sdata == sdata &&
				sta->uploaded &&
				test_sta_flag(sta, WLAN_STA_AUTHORIZED);

		if (eligible)
			ieee80211_tdls_oper_request(&sdata->vif,
						    sta->sta.addr,
						    NL80211_TDLS_TEARDOWN,
						    reason, GFP_ATOMIC);
	}
	rcu_read_unlock();
}
1932 void ieee80211_tdls_chsw_work(struct work_struct
*wk
)
1934 struct ieee80211_local
*local
=
1935 container_of(wk
, struct ieee80211_local
, tdls_chsw_work
);
1936 struct ieee80211_sub_if_data
*sdata
;
1937 struct sk_buff
*skb
;
1938 struct ieee80211_tdls_data
*tf
;
1941 while ((skb
= skb_dequeue(&local
->skb_queue_tdls_chsw
))) {
1942 tf
= (struct ieee80211_tdls_data
*)skb
->data
;
1943 list_for_each_entry(sdata
, &local
->interfaces
, list
) {
1944 if (!ieee80211_sdata_running(sdata
) ||
1945 sdata
->vif
.type
!= NL80211_IFTYPE_STATION
||
1946 !ether_addr_equal(tf
->da
, sdata
->vif
.addr
))
1949 ieee80211_process_tdls_channel_switch(sdata
, skb
);